package com.eeGroup.controller;

import com.eeGroup.service.CommonConfig;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

@Controller
public class AuthController {

    static Logger logger = LoggerFactory.getLogger(AuthController.class);

    @Autowired
    private CommonConfig config;

    @RequestMapping(value = "/login")
    public ModelAndView login(HttpServletRequest request, HttpServletResponse response,
                              @RequestParam(value = "msg", required=false) String msg){
        ModelAndView model = new ModelAndView("loginPage");

        String systemName = config.getSystemName();
        if(StringUtils.isNotEmpty(systemName)){
            model.addObject("systemName",systemName);
        }

        model.addObject("msg",msg);
        return model;
    }


    @PostMapping("/doLogin")
    public ModelAndView doLogin(HttpServletRequest request, HttpServletResponse response,
                                @RequestParam(value = "username",required = false) String username,
                                @RequestParam(value ="password",required = false) String password){

        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        try {
            subject.login(token); // Shiro 认证
            return new ModelAndView("redirect:/main");
        } catch (UnknownAccountException e) {
            request.getSession().setAttribute("shiroLoginFailure", "账号不存在！");
        } catch (IncorrectCredentialsException e) {
            request.getSession().setAttribute("shiroLoginFailure", "密码错误！");
        } catch (AuthenticationException e) {
            request.getSession().setAttribute("shiroLoginFailure", "账号密码不正确！");
        }
        return new ModelAndView("redirect:/login");
    }

    // 退出登录
    @RequestMapping("/logout")
    public ModelAndView logout(HttpSession session) {
        SecurityUtils.getSubject().logout();
        return new ModelAndView("redirect:/login");
    }

    @RequestMapping("/unauthorize")
    public ModelAndView unauthorizePage() {
        return new ModelAndView("unauthorizePage");
    }
}
